diff options
-rw-r--r-- | source3/rpc_server/srv_samr.c | 23 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 61 |
2 files changed, 32 insertions, 52 deletions
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index d5666e741d..e3ac2e42d5 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -349,28 +349,7 @@ static bool api_samr_query_userinfo(pipes_struct *p) static bool api_samr_query_usergroups(pipes_struct *p) { - SAMR_Q_QUERY_USERGROUPS q_u; - SAMR_R_QUERY_USERGROUPS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_query_usergroups("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_usergroups: unable to unmarshall SAMR_Q_QUERY_USERGROUPS.\n")); - return False; - } - - r_u.status = _samr_query_usergroups(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_query_usergroups("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_usergroups: unable to marshall SAMR_R_QUERY_USERGROUPS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_GETGROUPSFORUSER); } /******************************************************************* diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 5081565a5a..36860f9182 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2184,16 +2184,17 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ } /******************************************************************* - samr_reply_query_usergroups + _samr_GetGroupsForUser ********************************************************************/ -NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u) +NTSTATUS _samr_GetGroupsForUser(pipes_struct *p, + struct samr_GetGroupsForUser *r) { struct samu *sam_pass=NULL; DOM_SID sid; DOM_SID *sids; - DOM_GID dom_gid; - DOM_GID *gids = NULL; + struct samr_RidWithAttribute dom_gid; + struct samr_RidWithAttribute *gids = NULL; uint32 primary_group_rid; size_t num_groups = 0; gid_t *unix_gids; @@ -2203,6 +2204,8 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S NTSTATUS result; bool success = False; + struct samr_RidWithAttributeArray *rids = NULL; + /* * from the SID in the request: * we should send back the list of DOMAIN GROUPS @@ -2215,16 +2218,22 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S * JFM, 12/2/2001 */ - r_u->status = NT_STATUS_OK; + DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__)); - DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); + rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidWithAttributeArray); + if (!rids) { + return NT_STATUS_NO_MEMORY; + } /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) { - return r_u->status; + result = access_check_samr_function(acc_granted, + SA_RIGHT_USER_GET_GROUPS, + "_samr_GetGroupsForUser"); + if (!NT_STATUS_IS_OK(result)) { + return result; } if (!sid_check_is_in_our_domain(&sid)) @@ -2274,36 +2283,38 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S gids = NULL; num_gids = 0; - dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT| - SE_GROUP_ENABLED); - dom_gid.g_rid = primary_group_rid; - ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids); + dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT| + SE_GROUP_ENABLED); + dom_gid.rid = primary_group_rid; + ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids); for (i=0; i<num_groups; i++) { if (!sid_peek_check_rid(get_global_sam_sid(), - &(sids[i]), &dom_gid.g_rid)) { + &(sids[i]), &dom_gid.rid)) { DEBUG(10, ("Found sid %s not in our domain\n", sid_string_dbg(&sids[i]))); continue; } - if (dom_gid.g_rid == primary_group_rid) { + if (dom_gid.rid == primary_group_rid) { /* We added the primary group directly from the * sam_account. The other SIDs are unique from * enum_group_memberships */ continue; } - ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids); + ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids); } - /* construct the response. lkclXXXX: gids are not copied! */ - init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status); + rids->count = num_gids; + rids->rids = gids; - DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); + *r->out.rids = rids; - return r_u->status; + DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__)); + + return result; } /******************************************************************* @@ -5268,16 +5279,6 @@ NTSTATUS _samr_ChangePasswordUser(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_GetGroupsForUser(pipes_struct *p, - struct samr_GetGroupsForUser *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p, struct samr_QueryDisplayInfo *r) { |